"""
Security environment settings.

These settings control security-related behavior like SSRF validation.
"""

import os
from ..env_settings import BooleanSetting


# External environment variables (set by pytest, CI systems)
# These are read directly since we don't control them
PYTEST_CURRENT_TEST = os.environ.get("PYTEST_CURRENT_TEST")


# LDR Security settings (our application's security configuration)
SECURITY_SETTINGS = [
    BooleanSetting(
        key="security.ssrf.disable_validation",  # gitleaks:allow
        description="Disable SSRF validation (test/dev only - NEVER in production)",
        default=False,
    ),
]
